16:00:07 <meskio> #startmeeting tor anti-censorship meeting
16:00:07 <MeetBot> Meeting started Thu Oct  3 16:00:07 2024 UTC.  The chair is meskio. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:07 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
16:00:10 <shelikhoo> here is our meeting pad: https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469
16:00:10 <shelikhoo> editable link available on request
16:00:10 <MeetBot> shelikhoo: Error: Can't start another meeting, one is in progress.
16:00:11 <meskio> hi everyone!
16:00:14 <meskio> here is our meeting pad: https://pad.riseup.net/p/r.9574e996bb9c0266213d38b91b56c469
16:00:16 <meskio> ask me in private to give you the link of the pad to be able to edit it if you don't have it
16:00:18 <meskio> I'll wait few minutes for everybody to add you've been working on and put items on the agenda
16:00:54 <shelikhoo> Oh... I think me and meskio is trying to run the meeting at the same time...
16:01:01 <shelikhoo> and I was a few second late..
16:01:15 <onyinyang> lol I guess we are all supposed to run the meeting today XD
16:01:18 <meskio> ohh, weird, you did run last week, isn't it?
16:01:26 <shelikhoo> I did run last week
16:01:40 <shelikhoo> but I think both meskio and onyinyang would be at the global gathering
16:01:42 <shelikhoo> so..
16:01:44 <meskio> I guess I'm aster
16:02:04 <meskio> the global gathering was last weekend, we are back :P
16:02:14 <shelikhoo> oh.... sorry...
16:02:33 <onyinyang> yep hihi
16:03:26 <meskio> anyway, let's get to the content, I see topic from last week on the probetest deployment, is that resolved?
16:03:40 <meskio> I think I saw you shelikhoo deploying it already
16:04:15 <shelikhoo> I have deploy it, but I didn't check the numbers
16:05:53 <meskio> ok, I guess we can look into it next week and see if it has improved
16:06:39 <shelikhoo> yes....
16:06:45 <meskio> let's move then to the new topic:
16:06:48 <meskio> Broker installation over at:
16:06:50 <meskio> snowflake-broker-debianupgradestaging-j33r3zahe.torproject.net
16:06:52 <meskio> ready to be tested and then switch to be the primary broker
16:06:54 <meskio> https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues
16:07:02 <shelikhoo> yes this is from me
16:07:03 <meskio> is the new broker ready?
16:07:19 <shelikhoo> yes, it is ready for testing...
16:07:27 <shelikhoo> I have finish set it up
16:07:33 <shelikhoo> and write the guide
16:07:53 <shelikhoo> https://gitlab.torproject.org/tpo/anti-censorship/team/-/wikis/Survival-Guides/Snowflake-Broker-Installation-Guide
16:08:08 <shelikhoo> But it would benefit from more eyes on it
16:08:14 <shelikhoo> before we deploy it
16:08:50 <meskio> cool
16:09:34 <meskio> I don't recall from the top of my head, do we need to modify the client or the standalone proxy to try it out? or can we just use a custom bridgeline for that?
16:09:44 <nipaton> Is the broker for the proxy volunteers? I don't think
16:09:59 <meskio> I can try later to run a proxy and a client
16:10:08 <shelikhoo> just the custom bridge line and custom command line settings would be sufficient
16:10:18 <meskio> great, I'll check it out
16:10:31 <meskio> nipaton: this is a replacement for the current snowflake broker
16:10:55 <meskio> our current broker is in an old debian and we decided to install a new one instead of upgrading
16:11:00 <shelikhoo> ./proxy -nat-probe-server https://snowflake-broker-debianupgradestaging-j33r3zahe.torproject.net:8443/probe -broker https://snowflake-broker-debianupgradestaging-j33r3zahe.torproject.net/  -verbose
16:11:05 <meskio> so we are testing it before switching it to become the main broker
16:11:17 <shelikhoo> this is command to run proxy
16:11:45 <shelikhoo> for client I don't have anything handy yet... but it should be fine with just some replacement
16:12:05 <meskio> :)
16:12:07 <nipaton> ah I get it, it's up to tpo to set it up to accept offers from us volunteers
16:12:27 <meskio> exactly
16:13:10 <meskio> shelikhoo: I'll give it a try and report what I see, thank you for the work
16:13:32 <shelikhoo> yes! hehe! and thanks for the advise from dcf1...
16:13:35 <meskio> we can talk next week on how to do the switch
16:13:49 <shelikhoo> yes!
16:14:28 <meskio> anything else on this topic
16:14:44 <shelikhoo> eof from shell
16:15:12 <meskio> on the interesting links we had a very productive conversation on signaling channels at the Global Gathering
16:15:19 <meskio> and notes are public in this pad: https://pad.riseup.net/p/GG-2024-Day2-Village1b
16:15:42 <meskio> onyinyang any remarks we should share?
16:16:53 <onyinyang> I'm not sure
16:17:18 <onyinyang> it was a great discussion as you said. There were lots of new ideas to explore
16:17:22 <meskio> I recall was some good discussions about using AWS S3 and around TLS record fragmentation
16:17:37 <onyinyang> and attendees seemed reinvigorated and inspired to try new things :)
16:17:45 <meskio> yeah
16:18:21 <onyinyang> yep, I think all those are documented in the pad but please feel free to fix anything I might have mistyped/remembered
16:18:50 <meskio> sure I check them out, thank you for the note taking work there
16:19:02 <shelikhoo> One of the fears I have about S3 based transport is that attacker can spam it to generate significant bill
16:19:23 <meskio> yes, I assume you can put caps in the configuration
16:20:09 <onyinyang> but then maybe it leads to a tradeoff of usefulness to genuine users vs. saving yourself from a big bill
16:20:37 <meskio> sure, we should have some kind of fall-back mechanism for signaling channels
16:21:30 <meskio> anything else for todays meeting?
16:21:45 <onyinyang> nothing from me
16:21:48 <shelikhoo> yes... I think if such thing are used in production, a way to deal with ddos attack can be provisioned
16:21:51 <shelikhoo> eof from shell
16:22:40 <meskio> #end-meeting
16:22:50 <meskio> #endmeeting